Providing all the extra info that didn't make it into the BlackHat 2012 USA Presentation "Still Passing the Hash 15 Years Later? Using the Keys to the Kingdom to Access All Your Data" by Alva Lease 'Skip' Duckwall IV and Christopher Campbell.

Saturday, July 28, 2012

Building the pth-suite / Post Install

Our first blog entry will discuss the process to build your very own .deb packages for Backtrack R2.

As of right now the build process is centered around Backtrack as the primary attack platform. However, I've already received a request for assistance in building packages for RedHat / CentOS based distributions. I will probably also modify the build process to do tarballs as well, as that might be better for some folks.

By default, all my scripts create the .deb packages to install into /opt/pth. This way they don't overwrite or otherwise conflict with existing packages. Also, most of the compiled binaries will automatically look in /opt/pth for their required libraries, which makes life easier.

1) As root, you can checkout the items from google code by doing the following:

2) Change directories into the build directory and install the precompilation dependencies. I tested the scripts from a freshly installed version of Backtrack 5R2. Hopefully none of the dependencies fail.

# cd pth-suite/build# sh all-deps.sh

3) Execute the script for the utility that you want to build. In this case we'll go with building Samba 4 and Openchange. Since Openchange versioning is so closely tied to a particular version of Samba 4, we take advantage of the Openchange Samba 4 build script to ensure that Samba is built the way Openchange wants. Because of this, this particular build script builds both Samba and then Openchange. The first step in the build process is to download the source for Openchange and Samba. From there the script will build everything. Final packages will be in the packages subdirectory.

# ./build-samba4-openchange.sh

5) Repeat the build process for each of the utilities you want to install. Keep in mind that during their build process they are installed into /opt/pth and then removed as part of creating a package. Therefore, /opt/pth should not initially exist. Note the packages will take a while to compile. Most noteably, Firefox might take a couple of hours depending on your CPU. You've been warned.

6) After all the packages have been compiled, you can install the .deb packages using dpkg.

# dpkg -i packages/*.deb

7) After the installation, you will need to create a file in /etc/ld.so.conf.d to reference the library path /opt/pth/lib. This is done by:

# echo /opt/pth/lib > /etc/ld.so.conf.d/pth.conf# ldconfig

8) Add /opt/pth/bin to your path either manually or by editing ~/.bashrc.